diff --git a/.travis.yml b/.travis.yml
index b64665761bc254d425cb6685c074e98417cec56d..436187bf4a2f10b5682f65d91c39abefec4e73ae 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,6 +1,6 @@
 ---
 language: python
-python: ["2.7", "3.2", "3.3", "3.4", "3.5"]
+python: ["2.7", "3.2", "3.3", "3.4", "3.5", "3.6"]
 dist: trusty
 sudo: false
 cache:
@@ -9,14 +9,19 @@ matrix:
   include:
     - python: "3.5"
       env: TOXENV=docs
+    - python: "3.5"
+      env: TOXENV=bandit
+    - python: "2.7"
+      env: TOXENV=pre-commit
+    - python: "3.5"
+      env: TOXENV=pre-commit
   allow_failures:
     - python: "3.2"
 
 install:
-  - pip install tox-travis pre-commit
+  - pip install tox-travis | cat
 
 script:
-  - pre-commit run --all-files
   - tox
 
 notifications:
diff --git a/VERSION b/VERSION
index 2b7c5ae01848a77d95e2792eb83ab605c9aed91a..70d5b25fa8733140e4b2b4516377c5ef6f96d496 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-0.4.2
+0.4.3
\ No newline at end of file
diff --git a/template/__init__.py b/template/__init__.py
index c3b1b4918171967f809c62ec61d7291a69d08482..ccd38c9999b9f855794ca1915babed38aa3101d0 100755
--- a/template/__init__.py
+++ b/template/__init__.py
@@ -12,7 +12,7 @@ import template.filters
 
 
 def render(template_string):
-    env = Environment()
+    env = Environment(autoescape=True)
     # Add all functions in template.filters as Jinja filters.
     for tf in filter(lambda x: not x.startswith('_'), dir(template.filters)):
         env.filters[tf] = template.filters.__getattribute__(tf)
diff --git a/tox.ini b/tox.ini
index 1ea2e1322670a65f709ca387fa040a3eb51c0fd0..34b08a6fc11a19344bf0ead96baf42a3a3bfe25b 100644
--- a/tox.ini
+++ b/tox.ini
@@ -1,5 +1,5 @@
 [tox]
-envlist = py{2,3},docs
+envlist = py{2,3}
 
 [travis]
 python =
@@ -8,6 +8,7 @@ python =
     3.3: py3
     3.4: py3
     3.5: py3
+    3.6: py3
 
 [testenv]
 basepython =
@@ -38,7 +39,17 @@ deps =
     twine
     wheel
 commands =
-    sh -c 'git tag "v$(cat VERSION)" && git push --tags'
+    sh -c 'git tag -a "v$(cat VERSION)" && git push --tags'
     sh -c 'rm -rf dist/'
     python setup.py bdist_wheel
     twine upload --skip-existing dist/*.whl
+
+[testenv:bandit]
+basepython = python
+deps = bandit
+commands = bandit --recursive ./ --exclude .tox/,build/,dist/,template.egg-info
+
+[testenv:pre-commit]
+basepython = python
+deps = pre-commit
+commands = pre-commit run --all-files